Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
File: 760b79cf-4b6a-441d-8cec-518fe8e653f9.roa (raw, json)
Hash identifier: /Yr7jIJIYAV+qAKDzh/Eu9I5BG5HBj29x0DgGdGsgow=
Subject key identifier: 89:08:0E:75:D0:58:5A:23:EC:99:BC:DA:9A:38:F3:6A:06:46:EE:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4243765147B47965DE1A360E9BD6A134C4C52ECD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:43:76:51:47:b4:79:65:de:1a:36:0e:9b:d6:a1:34:c4:c5:2e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=64fe344cb1c41f4fa3c883fccf84ac1d588a3e95f838dfd6e880c5e65003d015, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:92:3a:4c:2b:66:07:cf:52:bc:cf:27:49:4e:
8b:f7:a9:14:ad:54:67:dc:c1:f5:c9:cb:92:34:c8:
21:67:33:9b:34:0a:f6:19:a5:ac:0c:57:a6:d6:7d:
7b:15:21:c3:74:c1:c4:1e:db:2d:98:bb:b7:d4:07:
94:f5:62:86:e1:35:07:8b:27:c6:22:5f:fa:e1:ff:
ef:c2:fc:31:85:70:4d:ec:6a:8e:61:82:b4:17:3a:
57:5b:51:04:f0:8c:37:1e:4f:a1:f1:3d:fe:b6:df:
19:c0:2a:2b:2d:e0:ae:68:b7:e4:a6:cf:da:6a:50:
10:0b:4f:b9:cc:da:e2:55:43:ff:cb:f3:3b:1b:ed:
46:38:58:4e:b3:0f:78:d4:09:86:2f:b5:a0:c2:45:
36:62:2f:c2:a7:12:70:94:6f:96:eb:aa:aa:4e:80:
76:99:b2:1c:0d:2d:23:e5:68:89:5d:7c:a6:dd:4e:
cf:ad:60:34:1c:b5:25:4d:21:c8:5d:49:33:82:f2:
d3:2d:59:cf:02:0f:fa:77:e5:2d:f2:73:53:39:8f:
d7:4f:f4:fd:02:08:8f:14:11:66:d3:97:04:db:f6:
5e:b9:16:5a:3c:be:c9:5b:0e:53:f0:3d:e9:d7:43:
78:ae:2c:6e:23:0c:73:2f:2b:32:2f:33:2a:34:a6:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:08:0E:75:D0:58:5A:23:EC:99:BC:DA:9A:38:F3:6A:06:46:EE:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:94:19:f5:9f:ad:88:c0:aa:4e:19:11:06:38:90:41:37:5a:
9c:b5:a8:20:fc:a1:a3:e3:5d:ed:94:66:4d:0b:fe:53:09:9d:
bb:0f:a4:af:05:e4:72:d5:92:01:30:be:eb:97:e6:93:0e:5c:
7d:40:86:ba:0f:be:78:7b:f7:90:0a:6d:cd:38:e4:5d:71:f7:
83:6b:d5:b2:4b:b5:f0:12:ff:aa:eb:db:7e:a4:ee:af:8c:a1:
14:44:bb:16:56:18:6e:f6:e5:93:20:9b:33:15:01:7e:44:78:
14:49:6d:bf:12:85:f5:ba:c8:6b:a1:cd:e9:b3:10:d4:41:81:
5e:81:22:a4:e2:8a:ee:21:7a:69:d0:05:7d:4c:63:86:64:74:
31:0e:c7:dc:15:1b:10:4d:4a:07:c3:ea:4c:b2:68:cd:e8:40:
86:5c:34:fd:d7:44:d7:ff:a1:ef:c2:fc:65:31:0e:a6:0a:46:
a2:57:c4:73:2f:e8:c4:b4:e8:e3:9d:09:c8:9a:1e:17:a9:c3:
ec:c1:00:b3:e3:93:be:6c:37:51:25:32:67:9d:c2:e0:03:e7:
53:3b:71:3a:4c:26:7b:e6:7e:b7:55:cd:22:49:21:94:63:ba:
19:ed:c2:cf:ff:fe:65:b2:51:e3:3a:2c:f5:61:5c:cf:55:4a:
90:04:08:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQkN2UUe0eWXeGjYOm9ahNMTFLs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0ZmUzNDRjYjFjNDFmNGZhM2M4ODNmY2NmODRhYzFkNTg4YTNlOTVmODM4
ZGZkNmU4ODBjNWU2NTAwM2QwMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6SOkwrZgfPUrzPJ0lOi/epFK1UZ9zB9cnLkjTIIWczmzQK9hmlrAxXptZ9
exUhw3TBxB7bLZi7t9QHlPVihuE1B4snxiJf+uH/78L8MYVwTexqjmGCtBc6V1tR
BPCMNx5PofE9/rbfGcAqKy3grmi35KbP2mpQEAtPucza4lVD/8vzOxvtRjhYTrMP
eNQJhi+1oMJFNmIvwqcScJRvluuqqk6AdpmyHA0tI+VoiV18pt1Oz61gNBy1JU0h
yF1JM4Ly0y1ZzwIP+nflLfJzUzmP10/0/QIIjxQRZtOXBNv2XrkWWjy+yVsOU/A9
6ddDeK4sbiMMcy8rMi8zKjSmUC8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJCA51
0FhaI+yZvNqaOPNqBkbu9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzYwYjc5Y2YtNGI2YS00NDFkLThjZWMtNTE4ZmU4ZTY1M2Y5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQDKlBn1n62IwKpOGREGOJBBN1qctagg/KGj413tlGZN
C/5TCZ27D6SvBeRy1ZIBML7rl+aTDlx9QIa6D754e/eQCm3NOORdcfeDa9WyS7Xw
Ev+q69t+pO6vjKEURLsWVhhu9uWTIJszFQF+RHgUSW2/EoX1ushroc3psxDUQYFe
gSKk4oruIXpp0AV9TGOGZHQxDsfcFRsQTUoHw+pMsmjN6ECGXDT910TX/6Hvwvxl
MQ6mCkaiV8RzL+jEtOjjnQnImh4XqcPswQCz45O+bDdRJTJnncLgA+dTO3E6TCZ7
5n63Vc0iSSGUY7oZ7cLP//5lslHjOiz1YVzPVUqQBAga
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org